SECURE BOOT OVERRIDE IN A COMPUTING DEVICE EQUIPPED WITH UNIFIED-EXTENSIBLE FIRMWARE INTERFACE (UEFI)-COMPLIANT FIRMWARE
First Claim
1. A method for bypassing a Secure Boot sequence in a computing device equipped with Unified Extensible Firmware Interface (UEFI)-compliant firmware, the method comprising:
- beginning, with the UEFI-compliant firmware, execution of a boot sequence for the computing device;
detecting, during execution of the boot sequence, that a Secure Boot configuration setting is enabled;
detecting, during execution of the boot sequence, an indication of a Secure Boot override condition, the indication of the Secure Boot override condition generated after the beginning of the boot sequence;
continuing the boot sequence without signature checking an executable based on the detection of the indication of the Secure Boot override condition, andinvoking the executable.
1 Assignment
0 Petitions
Accused Products
Abstract
A firmware-based system and method for detecting an indicator of an override condition during a Unified Extensible Firmware Interface (UEFI) Secure Boot sequence. The indicator of the override condition may be detected based upon the pressing of a specialized button, designated key or keys or other received input that indicates both physical presence of the user and the desire, on the current boot, to bypass UEFI Secure Boot. An embodiment may work for only a single boot, not require access into a setup application, and may be accessed by externally accessible features of the computer system.
26 Citations
20 Claims
-
1. A method for bypassing a Secure Boot sequence in a computing device equipped with Unified Extensible Firmware Interface (UEFI)-compliant firmware, the method comprising:
-
beginning, with the UEFI-compliant firmware, execution of a boot sequence for the computing device; detecting, during execution of the boot sequence, that a Secure Boot configuration setting is enabled; detecting, during execution of the boot sequence, an indication of a Secure Boot override condition, the indication of the Secure Boot override condition generated after the beginning of the boot sequence; continuing the boot sequence without signature checking an executable based on the detection of the indication of the Secure Boot override condition, and invoking the executable. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory medium holding computer-executable instructions for bypassing a Secure Boot sequence in a computing device equipped with Unified Extensible Firmware Interface (UEFI)-compliant firmware, the instructions when executed causing the computing device to:
-
begin, with the UEFI-compliant firmware, execution of a boot sequence for the computing device; detect, during execution of the boot sequence, that a Secure Boot configuration setting is enabled; detect, during execution of the boot sequence, an indication of a Secure Boot override condition, the indication generated after the beginning of the boot sequence; continue the boot sequence without signature checking an executable based on the detection of the indication of the Secure Boot override condition, and invoke the executable. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computing device, comprising:
-
an interface for an input device; a processor; read-only memory holding Unified Extensible Firmware Interface (UEFI)-compliant firmware configured to execute a boot sequence for the computing device, the UEFI-compliant firmware; beginning execution of the boot sequence; detecting, during execution of the boot sequence, that a Secure Boot configuration setting is enabled; detecting, during execution of the boot sequence, an indication of a Secure Boot override condition, the indication generated after the beginning of the boot sequence; continuing the boot sequence without signature checking an executable based on the detection of the indication of the Secure Boot override condition, and invoking the executable. - View Dependent Claims (16, 17, 18)
-
-
19. A non-transitory medium holding computer-executable instructions for bypassing a Secure Boot sequence in a computing device equipped with Unified Extensible Firmware Interface (UEFI)-compliant firmware, the instructions when executed causing the computing device to:
-
begin, with the UEFI-compliant firmware, execution of a boot sequence for the computing device that detects an expansion card in the computing device; detect, during execution of the boot sequence, that a Secure Boot configuration setting is enabled; detect, during execution of the boot sequence, an indication of a Secure Boot override condition, the indication generated after the beginning of the boot sequence; continue the boot sequence without signature checking a driver for the expansion card based on the detection of the indication of the Secure Boot override condition, and load the driver for the expansion card. - View Dependent Claims (20)
-
Specification